防止 VSCode 远程容器中的 GPG 密钥共享
[英]Prevent GPG key sharing in VSCode Remote Container
问题描述
The following paragraph in the official docs describes how to enable GPG key sharing (from localhost to Remote Container) in VSCode ( https://code.visualstudio.com/docs/remote/containers#_sharing-gpg-keys ).
官方文档中的以下段落描述了如何在 VSCode ( https://code.visualstudio.com/docs/remote/containers#_sharing-gpg-keys ) 中启用 GPG 密钥共享(从本地主机到远程容器)。
The instructions (for Linux) simply state that to share GPG keys, install gnupg2 locally and in the container.说明(适用于 Linux)只需 state 即可共享 GPG 密钥,在本地和容器中安装gnupg2 。 But what if I have gnupg2 installed but I don't want to have the keys shared?但是,如果我安装了gnupg2但我不想共享密钥怎么办? From what I can tell, VSCode execs post-startup commands within the container where the key sharing gets done, eg:据我所知,VSCode 在完成密钥共享的容器中执行启动后命令,例如:
Copy /home/karlschriek/.gnupg/pubring.kbx to /home/vscode/.gnupg/pubring.kbx
Copy /home/karlschriek/.gnupg/trustdb.gpg to /home/vscode/.gnupg/trustdb.gpg
...
I have not been able to find a setting that will prevent this.我一直无法找到可以防止这种情况的设置。 It is also, presumably, using the same gpg-agent as the localhost.据推测,它也使用与本地主机相同的gpg-agent 。 I would like to prevent this.我想阻止这种情况。
1 个解决方案
解决方案1
0 2022-04-08 20:57:27
Since this behavior does not seem configurable, I would由于这种行为似乎不可配置,我会
- move those files in a custom folder (outside ~/.gnupg, and reference it with the
GNUPGHOMEenvironment variable将这些文件移动到自定义文件夹中(在 ~/.gnupg 之外,并使用GNUPGHOME环境变量引用它 - write a remote VSCode starter script which would launch VSCode after a local
export GNUPGHOME=""编写一个远程 VSCode 启动脚本,它将在本地export GNUPGHOME=""后启动 VSCode
That way, VSCode would search for gnupg files to share in the default ~/.gnupg folder, which is not used in your case.这样,VSCode 将搜索 gnupg 文件以在默认的 ~/.gnupg 文件夹中共享,您的情况未使用该文件夹。
It is a simple workaround, not an exact solution, but one simple enough to test.这是一个简单的解决方法,不是精确的解决方案,但足够简单以供测试。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.